CloudPro #19: Amazon CodeWhisperer Customized Recommendations, Atlassian's Compass IDP GA, Microsoft Radius live, Terraform AWS Provider 2B downloads

Use this Kubernetes feature to increase your app’s scalability, How to Prevent AI from Hurting Your K8s Deployments, Dynamic webapps on AWS Amplify

Welcome to a brand new edition of the CloudPro! Today, we’ll talk about:

Masterclass:

1. This company used AI to get 500M downloads and 100M users

2. How this company stopped HTTP/2 DDOS vulnerability 6 months before Google

3. Why is Kubernetes written in Go?

4. Datadog found security threats in AWS

5. This guy built a Distributed Web Crawler inspired by Google

6. How to add AI to your web apps using low-code

Secret Knowledge:

1. Checkout this feature in Kubernetes to increase your app’s scalability

2. How to make dynamic web apps using AWS Amplify

3. SQL can’t handle AI. Say hello to BigQuery DataFrames, the latest product from GCloud

4. First rule of cloud security: Keep your AWS RDS instances private

5. How to Prevent AI from Hurting Your Kubernetes Deployments

Techwave:

1. Amazon CodeWhisperer now gives you customized code recommendations

2. Atlassian’s Compass Internal Developer Platform Generally Available

3. Radius: Microsoft’s new open-source, multi-cloud, platform to build and manage cloud applications

From the Cloud World:

1. Google has unveiled Falcon, a reliable low-latency hardware transport solution

2. HashiCorp Terraform's AWS Provider reaches 2 billion downloads

3. version 1.21.0 of the CloudNativePG Operator includes volume snapshot support for PostgreSQL databases

4. Mistral 7B foundational model available in Google Cloud’s Vertex AI

5. OpenSearch 2.9 introduces Search Pipelines to simplify the building of query and result processing pipelines

HackHub:

1. Dataman-Cloud/swan

2. kubeguard/guard

3. ThreeMammals/Ocelot

4. stepro/kdo

5. kubevirt/kubevirt

Cheers,

Shreyans Singh

Editor-in-Chief

PS: I hope you will enjoy today's newsletter! I’m all ears for your thoughts – the good, the great, and the "meh." Share your feedback and snag a free Packt eBook. It's a win-win. Can't wait to hear what you think!

Share your feedback and get a free Packt eBook!

---

Rapidly create custom browser mods

Stop creating yet another screen. PixieBrix is the first low-code platform to add automation, integrations, collaboration, and AI to the web apps your teams already use. 

Learn More

---

⭐ MasterClass: Tutorials & Guides

⭐How this company used AI to get 500M downloads and 100M users:

Bending Spoons, a Milan-based app developer, achieved great success with mobile apps like Splice and Remini by using AI to create unique and popular products. They focused on building a platform optimized for developing various digital products, used AI to enhance user experiences, and embraced emerging technologies to stay ahead in the competitive app market.

⭐How this company stopped HTTP/2 DDOS vulnerability 6 months before Google:

• Linkerd uses Rust to prevent vulnerabilities seen in other languages like C and C++.

• The vulnerability was initially identified in the Rust community (RUSTSEC-2023-0034) on April 14, 2023, but it had already been fixed in the underlying library, h2, on April 12.

• Automated tools helped Linkerd spot the fix on April 13, and it was quickly incorporated as proxy version v2.198.1.

• By April 14, Linkerd released version 2.13.1 with the fix, the same day it became a Rust ecosystem vulnerability.

• The fix was also applied to edge-23.4.2 on April 21, protecting all future Linkerd releases.

• Thus, Linkerd's rapid response and the Rust community's vigilance ensured that Linkerd users were protected from this vulnerability six months before it became public.

⭐Why is Kubernetes written in Go?

Interesting discussion on reddit about the reason why Kubernetes is written in Go. Main reasons are:

• Great standard lib with "web-friendly" concepts

• Many of the associated projects were in Go (docker and etcd in particular)

• Good OSS community

• Good perfermance to complexity ratio

⭐Datadog found security threats in AWS:

This post discusses Datadog’s security research in AWS environments, focusing on threat hunting activities. Key findings include:

• Attackers creating new IAM users after compromising an environment.

• The use of "root" as an IAM user name for stealth.

• An attacker toolkit named "EmperorsToolsShops32" sold online.

• Instances of potentially malicious security group creation.

• Creation of EC2 key pairs for maintaining access.

• Common enumeration techniques used by attackers.

⭐This guy built a Distributed Web Crawler inspired by Google:

This article discusses the architecture of a distributed web crawler, inspired by Google's crawling technology. It highlights the importance of distributed crawlers for handling web data at scale. The technology stack includes Kubernetes, Golang, Python, NodeJS, Grafana, Prometheus, and the ELK Stack. It provides steps for setting up the development environment and outlines the core components of the crawler's architecture.

---

🔍Secret Knowledge: Learning Resources

🔍Checkout this feature in Kubernetes to increase your app’s scalability:

Imagine you have a web server that generates files for downloading. When you scale up your application, you might face problems like requests going to the wrong server.

The solution is to use a shared disk called a "Volume" that each server can access. This ensures that no matter which server receives a request, it can always find and deliver the requested files. This is better than relying on luck or complex configurations with load balancers.

🔍How to make dynamic web apps using AWS Amplify:

• Install AWS Amplify CLI using this command: `npm install -g @aws-amplify/cli`

• Check the installation with `amplify --version`

• Configure AWS Amplify CLI by running `amplify configure` in PowerShell. Sign in with your AWS account and create a dedicated user with access keys.

• Create a new React app with `npx create-react-app amplify-app`.

• Navigate into your app directory and initialize it for Amplify with `amplify init -y`.

• Install necessary dependencies for AWS Amplify and React UI components with `npm install aws-amplify @aws-amplify/ui-react`.

• Modify the `src/index.js` file as shown in the tutorial to configure AWS Amplify.

• Add a GraphQL API to your app using `amplify add api`. Follow the tutorial's schema template for GraphQL.

• Deploy your app by running `amplify push`. Follow the default settings for authentication.

• Start your app with `npm start`. Create a new user, sign in, and use your note-taking app!

🔍SQL can’t handle AI. Say hello to BigQuery DataFrames, the latest product from GCloud:

Google has introduced BigQuery DataFrames, a tool for data analysis and processing with Python. It helps manage trends like generative AI and big data. Two key APIs:

• bigframes.pandas: Simplifies data input/output and manipulation. Allows smooth transitions to traditional pandas for analysis.

• bigframes.ml: Enables large-scale machine learning and scalable Python functions. Integrates with Vertex AI for advanced modeling.

It's user-friendly and integrates with Google Cloud environments, making it easier for data professionals to work with large datasets using Python.

🔍First rule of cloud security: Keep your AWS RDS instances private:

• Secure RDS instances in a Virtual Private Cloud (VPC) with a restrictive Security Group.

• Use AWS CLI or the web console to check if your instances are publicly accessible.

• RDS instances should not be public.

• Regularly audit and monitor RDS security.

• Ideally, keep RDS and applications in the same VPC.

🔍How to Prevent AI from Hurting Your Kubernetes Deployments:

AI can pose risks to Kubernetes deployments. This article offers strategies to prevent these risks. It highlights the increasing threat of AI-generated phishing attacks and synthetic data. It advises Kubernetes leaders to create a playbook for AI security, identify use cases, build on DevSecOps practices, involve Red and Blue teams, and strengthen their last line of defense.

---

⚡ TechWave: Cloud News & Analysis

⚡Amazon CodeWhisperer now gives you customized code recommendations:

Amazon CodeWhisperer, an AI coding companion, now offers a customization feature in preview. This feature allows developers to receive tailored code recommendations from their private code repositories, making it easier to work with internal libraries and APIs. Here's how it works:

• Setup: CodeWhisperer administrators can connect private code repositories (GitHub, GitLab, or Bitbucket) to customize the tool.

• Customization: CodeWhisperer analyzes the connected code repositories to create a model based on your organization's codebase.

• Activation: Administrators can activate the customization, and team members can access it in their integrated development environments (IDEs).

⚡Atlassian’s Compass Internal Developer Platform Generally Available:

Compass offers several features to enhance the developer experience, including:

• centralized catalog to track all services and relevant data

• offers Health Scorecards and DORA Metrics for reliability and performance tracking.

• Automates the creation of new services, integrating CI/CD deployment pipelines, cloud infrastructure provisioning, and other relevant details

• Integrates with popular tools, such as AWS, GitHub, Slack, CircleCI, and more

⚡Radius: Microsoft’s new open-source, multi-cloud, platform to build and manage cloud applications:

• What is Radius: Radius is a platform that makes it easier for people to build and manage applications in the cloud.

• Cloud Platforms: It works with different cloud providers, like Microsoft Azure and Amazon Web Services, and can be used with more in the future.

• Benefits for Developers: Radius helps developers see all the parts of their applications and connect new parts without much effort. It takes care of things like permissions and connections for them.

• Ensuring Quality: It also makes sure that the cloud resources used for applications meet requirements for cost, operations, and security. It does this by following predefined rules called "recipes."

• Open and Multi-Cloud: Radius is open-source, which means anyone can use it and even contribute to its development. It works on multiple cloud platforms, so you're not locked into just one.

---

🌐From the Cloud World:

🌐Google has unveiled Falcon, a reliable low-latency hardware transport solution designed to handle massive-scale AI/ML training and HPC.

🌐HashiCorp Terraform's AWS Provider reaches 2 billion downloads, showing the importance of infrastructure as code (IaC) for efficient infrastructure management.

🌐The CloudNativePG Community has released version 1.21.0 of the CloudNativePG Operator, which includes volume snapshot support for PostgreSQL databases, improved security, and other enhancements, making it easier to manage PostgreSQL in Kubernetes.

🌐Mistral 7B foundational model available in Google Cloud’s Vertex AI. Vertex AI is a machine learning platform by Google Cloud that allows you to train and deploy ML models and customize LLMs for AI applications.

🌐OpenSearch 2.9 introduces Search Pipelines, a feature that simplifies the building of query and result processing pipelines, allowing modular steps like query rewriters and natural language processors, enhancing search capabilities in the Amazon OpenSearch service.

---

🛠️HackHub: Best Tools for Cloud

🛠️Dataman-Cloud/swan: A Distributed, Highly Available Mesos Scheduler, Inspired by the design of Google Borg

🛠️kubeguard/guard: Kubernetes Authentication & Authorization WebHook Server

🛠️ThreeMammals/Ocelot: dotnet 7.0 API Gateway

🛠️stepro/kdo: Deployless Development on Kubernetes

🛠️kubevirt/kubevirt: Kubernetes Virtualization API and runtime in order to define and manage virtual machines

---